Do not allow import-as to rebind "under names".

zopefoundation · Nov 6, 2003 · f64a4bd · f64a4bd
1 parent dfed36b
commit f64a4bd
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/RestrictionMutator.py b/RestrictionMutator.py
@@ -15,7 +15,7 @@
 compiler.transformer.Transformer, restricting and enhancing the
 code in various ways before sending it to pycodegen.
 '''
-__version__='$Revision: 1.10 $'[11:-2]
+__version__='$Revision: 1.11 $'[11:-2]
 
 from SelectCompiler import ast, parse, OP_ASSIGN, OP_DELETE, OP_APPLY
 
@@ -271,3 +271,10 @@ def visitModule(self, node, walker):
     def visitAugAssign(self, node, walker):
         node.node.in_aug_assign = 1
         return walker.defaultVisitNode(node)
+
+    def visitImport(self, node, walker):
+        for name, asname in node.names:
+            self.checkName(node, name)
+            if asname:
+                self.checkName(node, asname)
+        return node
diff --git a/tests/security_in_syntax.py b/tests/security_in_syntax.py
@@ -30,3 +30,13 @@ def bad_attr():
 
 def no_exec():
     exec 'q = 1'
+
+def no_yield():
+    yield 42
+
+def check_getattr_in_lambda(arg=lambda _getattr=(lambda ob, name: name):
+                                       _getattr):
+    42
+
+def import_as_bad_name():
+    import os as _leading_underscore